Lucene search

8200 matches found

securityvulns
added 2015/10/26 12:0 a.m., 86 views

CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin

Vulnerability title: SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin CVE: CVE-2015-7319 Vendor: WordPress DWBooster Product: Appointment Booking Calendar Affected version: 1.1.7 Fixed version: 1.1.8 Reported by: Ibéria Medeiros Vulnerability Details: ===================== It...

7.5 CVSS, 1.9 AI score, 0.02433 EPSS
Exploits: 1

CNVD
added 2015/10/22 12:0 a.m., 1 view

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2015-06983)

Oracle MySQL Server is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost, good reliability and so on. An unspecified vulnerability exists in Oracle MySQL Server versions 5.5.45 and earlier and 5.6.26 and earlier. ...

4 CVSS, 6.6 AI score, 0.03691 EPSS
Exploits: 0, References: 1

CNVD
added 2015/10/22 12:0 a.m., 1 view

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2015-06986)

Oracle MySQL Server is an open source relational database management system from Oracle. This database system is characterized by high performance, low cost, good reliability and so on. An unspecified vulnerability exists in Oracle MySQL Server versions 5.5.45 and earlier and 5.6.26 and earlier...

4 CVSS, 6.6 AI score, 0.02982 EPSS
Exploits: 0, References: 1

MariaDBUnix
added 2015/10/21 11:0 p.m., 36 views

CVE-2015-4858

Disclaimer: This data contains information about vulnerable...

4 CVSS, 5.8 AI score, 0.03919 EPSS
Exploits: 0

RedHat Linux
added 2015/10/21 8:57 p.m., 2 views

OpenJDK: kerberos realm name leak (JGSS, 8048030)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS...

5 CVSS, 7.3 AI score, 0.04695 EPSS
Exploits: 0, References: 5

UbuntuCve
added 2015/10/21 12:0 a.m., 31 views

CVE-2015-4730

Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types...

4 CVSS, 6.8 AI score, 0.02238 EPSS
Exploits: 0, References: 3

Tenable Nessus
added 2015/10/21 12:0 a.m., 38 views

RHEL 6 / 7 : libwmf (RHSA-2015:1917)

Updated libwmf packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

6.8 CVSS, 7 AI score, 0.09221 EPSS
Exploits: 3, References: 9

Tenable Nessus
added 2015/10/21 12:0 a.m., 34 views

Oracle Linux 6 / 7 : libwmf (ELSA-2015-1917)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1917 advisory. - Resolves: rhbz1227428 - CVE-2015-0848 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696 Tenable has extracted the preceding description block directly fr...

6.8 CVSS, 6.4 AI score, 0.09221 EPSS
Exploits: 3, References: 5

Cent OS
added 2015/10/20 5:5 p.m., 151 views

libwmf security update

CentOS Errata and Security Advisory CESA-2015:1917 Updated libwmf packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base...

6.8 CVSS, 6.8 AI score, 0.09221 EPSS
Exploits: 3, References: 7

Tenable Nessus
added 2015/10/20 12:0 a.m., 133 views

F5 Networks BIG-IP : Linux kernel vulnerability (SOL17458)

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a...

7.2 CVSS, 7 AI score, 0.01478 EPSS
Exploits: 3, References: 2

Node.js
added 2015/10/17 7:41 p.m., 31 views

Directory Traversal

Overview Versions 13.0.8 and earlier of geddy are vulnerable to a directory traversal attack via URI encoded attack vectors. Proof of Concept http://localhost:4000/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd Recommendation Update geddy to version =...

5 CVSS, 2.6 AI score, 0.09385 EPSS
Exploits: 1, Affected Software: 1

Hacker One
added 2015/10/14 10:39 a.m., 31 views

FanFootage: XSS by image file name

Hello, An XSS can be triggered if the user uploaded an image with an XSS vector as the file name, See the screenshot for more info, Thanks...

0.3 AI score
Exploits: 0

OpenVAS
added 2015/10/08 12:0 a.m., 58 views

Oracle: Security Advisory (ELSA-2007-0347)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

7.8 CVSS, 6.4 AI score, 0.05035 EPSS
Exploits: 15, References: 2

Tenable Nessus
added 2015/10/07 12:0 a.m., 24 views

Debian DSA-3369-1 : zendframework - security update

Multiple vulnerabilities were discovered in Zend Framework, a PHP framework : - CVE-2015-5723 It was discovered that due to incorrect permissions masks when creating directories, local attackers could potentially execute arbitrary code or escalate privileges. - ZF2015-08 no CVE assigned Chris...

9.8 CVSS, 8.1 AI score, 0.02972 EPSS
Exploits: 0, References: 6

Fedora
added 2015/10/03 9:32 p.m., 28 views

[SECURITY] Fedora 22 Update: libwmf-0.2.8.4-46.fc22

A library for reading and converting Windows MetaFile vector graphics WMF...

6.8 CVSS, 2.6 AI score, 0.08543 EPSS
Exploits: 1

OpenVAS
added 2015/09/29 12:0 a.m., 22 views

Gentoo Security Advisory GLSA 201507-03

Gentoo Linux Local Security Checks GLSA 201507-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later if(description)...

5 CVSS, 8 AI score, 0.03654 EPSS
Exploits: 0, References: 1

erpscan
added 2015/09/28 12:0 a.m., 32 views

SAP HANA - log injection and no size restriction

Application: SAP HANA Versions Affected: SAP HANA Vendor URL: http://www.sap.com Bugs: Log injection Reported: 28.09.2015 Vendor response: 29.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2241978 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Log injectio...

0.4 AI score
Exploits: 0

exploitpack
added 2015/09/28 12:0 a.m., 16 views

Adobe Flash - uint Capacity Field

Adobe Flash - uint Capacity Field Source: https://code.google.com/p/google-security-research/issues/detail?id=504 The latest version of the Vector.<uint> length check in Flash 18,0,0,232 is not robust against memory corruptions such as heap overflows. While it’s no longer possible to obviously bypass t...

1.1 AI score
Exploits: 0

0day.today
added 2015/09/28 12:0 a.m., 27 views

Git-1.9.5 ssh-agent.exe Buffer Overflow Exploit

Exploit for windows platform in category dos / poc Vendor: ================================ git-scm.com Product: ================================ Git-1.9.5-preview20150319.exe github.com/msysgit/msysgit/releases/tag/Git-1.9.5-preview20150319 Vulnerability Type: =================== Buffer Overflow...

7 AI score
Exploits: 0

0day.today
added 2015/09/28 12:0 a.m., 47 views

Adobe Flash - No Checks on Vector.<uint> Capacity Field Exploit

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=504 The latest version of the Vector.<uint> length check in Flash 18,0,0,232 is not robust against memory corruptions such as heap overflows. While it’s no longer possible to...

10 CVSS, 0.7 AI score, 0.19871 EPSS
Exploits: 1